We use cookies to customise content for your subscription and for analytics.If you continue to browse Lexology, we will assume that you are happy to receive all our cookies. For further information please read our Cookie Policy.

DOJ Curbs Abuse of “Gag Orders” for Subpoenas to Electronic Service Providers

On October 19, 2019, the U.S. Department of Justice revised its policy regarding the use of so-called “gag orders” for subpoenas and search warrants issued pursuant to the Stored Communications Act. Per a Department-wide memo from Deputy Attorney General Rod J. Rosenstein, the use of gag orders will be limited to special circumstances, and in all other cases, service providers will be permitted to alert users when their data has been provided to the government. The memo comes on the heels of a 2016 suit filed by Microsoft asking that the practice be deemed unconstitutional.

Section 2705(b) of the SCA allows the government to obtain, through subpoena or search warrant, email communications and other data from service providers such as Microsoft. When warranted, the SCA provides that the government may obtain a protective order prohibiting the service provider from notifying anyone—including the affected users—of the receipt of legal process or the fact that the requested information had been disclosed.

Microsoft has long argued that the gag order mechanism was overused and that the DOJ often obtained rubber-stamped orders without any end date, thereby prohibiting users from ever learning that their personal communications and other data had been turned over to the DOJ. Without notice, such users were also deprived of the opportunity to move to quash the subpoena or search warrant. In 2016, Microsoft filed suit against the DOJ for declaratory relief, seeking a ruling that Section 2705(b) is unconstitutional under the First and Fourth Amendments. Microsoft Corp. v. U.S. Dept. of Justice, Case No. 2:16-cv-00538-JLR (W.D. Wash.). Over 70 organizations on both sides of the issue appeared as amicus curiae in the case, including the American Civil Liberties Union Foundation, the Electronic Frontier Foundation, an association of former law enforcement officials, and numerous electronic service providers.

Under the DOJ’s new policy, prosecutors are required to “conduct an individualized and meaningful assessment regarding the need for protection from disclosure” prior to seeking a gag order. Rote recycling of gag order applications is prohibited as each application must be tailored to the facts and concerns specific to the investigation. “Barring exceptional circumstances,” gag orders may only delay notice to users for one year or less, although subsequent extensions may be sought if the factors justifying the gag continue to exist at the time of expiration.

In an October 23 blog post, Brad Smith, Microsoft’s President and Chief Legal Officer hailed the changes as “an important step for both privacy and free expression.” On October 25, Microsoft voluntarily dismissed its lawsuit.

Ginny Sanderson is a partner at Kronenberger Rosenfeld, LLP, a San Francisco-based Internet, technology and media law firm. She is a member of the California Bar and Co-Chair of the Internet & Privacy Law Committee.